Why Your Company’s Information Is No Longer Private
IT professionals believe 79% of employees accidentally put sensitive company data at risk between March 2018 to March 2019. The study by Egress on data breaches also states that there is a disconnect between what employees think is breaking company policy and what isn’t when it comes to sharing data. Additionally, IT professionals believe 61% of all data leaks are intentional and based on malicious intent.
What is the leading cause of data leaks from employees? Intentional or not, it looks like there is a pattern between remote workers, devices, and lack of a company policy pertaining to online privacy. While more people around the world start to work remotely, it’s become easier for an employer to point their finger as to who let the data leak. Yet another study suggests only 11% of companies take steps to keep their mobile networks and devices secure from data breaches.
The Egress study points out that 55% of the surveyed employees who intentionally shared data said their company did not provide them with proper tools or protocols for sharing information. This means that employees were left uneducated about how to properly share sensitive information.
Five Steps To Keeping Your Company Safe Online
Unfortunately, data breaches and leaks can hit almost anyone, but SMB’s (or small to medium-sized businesses) are most at risk. Whether it is a phishing attempt, lack of proper data transfer or weak security on personal devices, carelessness is no excuse for a data breach.
1.Educating Employees On Phishing Attempts
In our guide to phishing, we discuss the various types of malicious online parties that threaten a business. Spear phishing and whaling can post the biggest threats to your company’s sensitive information. In both situations, phishers attempt to act as someone within a company who tries to spoof credible emails to lure victims into providing these sensitive documents. Some signs employees should look out for are:
• Strange links included in emails
• Google stating the email is a phishing email by showcasing a red hook
• Checking the domain on the email address
• Checking the email for spelling and grammatical errors
Of course, the best way is to just ask the person who the email appears to be from if they actually sent it.
2. Establish An Organization or Company Wide Policy
Whether it is unintentional or intentional, a policy that is clear with brevity and common terms non-technical people can understand is vital. Your policy should incorporate how data is stored and transferred between employees and the company, privacy policies related to personal devices, and policies on using strong and unique passwords for various accounts.
For example, make sure your employees use a password management app like LastPass. Also, tell an employee not to use the same passwords they use for their personal accounts and not to connect their work email to different apps that have access to your information.
3. Public Wifi Policy
Do the majority of your employees work remotely? Most employers say, “if the work gets done, we don’t care where you work from.” Yet they should. Public wifi at coffee shops, hotels, airports, and other areas leave anyone at risk for a device take over. Connecting to a spoof network can allow a hacker to access the information on a device. This puts your sensitive data at risk.
4. Detection of System Vulnerabilities
Too many businesses don’t update their applications, computer systems, or hardware often enough. This leaves gaping holes in the online security of your company. Update everything when a new patch is out and make sure your employees update the apps on their devices, too. If you are worried about losing data, back up any information to a secure and encrypted storage device before doing so. And while the cloud might seem easier, it can put you at higher risk for a cyber attack.
5. Storing and Syncing to Secure Storage
More often than not, leaks and breaches happen due to poor storage. SecureDrive fills the void with market unique security features for protecting your information. The SecureDrive BT has FIPS 140-2 Level 3 Validation and provides wireless authentication. Additionally, it is remote management ready with Geo- and time-fencing. We also offer the secure drive KP with a keypad entry and automatic wipe after 10 consecutive failed PIN entries. The entire SecureDrive product line features brute force anti-hacking features and many other security options.
Improve Your Company’s Remote Employee Online Security Today
Improve your overall remote security today by enlisting help from devices that were crafted for security with the SecureDrive product line. For more information, contact us today at 1-800-875-3230.